Akamai's Prolexic Security Engineering & Research Team (PLXsert) issued a new advisory Monday that provides a full analysis of the Poodle vulnerability, including actions companies can take to blunt the impact. It's the latest in a series of postings Akamai has done to keep the public informed of its Poodle response. In addition to reviewing this new advisory, please refer to the following posts as well: Poodle FAQ: What Akamai

CAMBRIDGE, Mass. - October 23, 2014 - Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today announced availability of the Q3 2014 State of the Internet - Security Report. Akamai's Prolexic Security Engineering and Research Team (PLXsert) is a recognized leader in Distributed Denial of Service (DDoS) protection services and strategies. This quarter's report, which provides analysis and insight

Today we've launched the first all-security edition of the State of the Internet report. State of the Internet also has its own website now, where readers can delve into Akamai's threat intelligence, threat advisories, data visualizations and more. Highlights of the security edition for Q3 2014 include a four-fold year-over-year increase in DDoS attack size and volume; new attacks targeting hand-held devices and the proliferation of easy-to-use attack tools. Download

In the latest episode of the Akamai Security Podcast, I talk to CSIRT Manager Mike Kun about what he calls an "interesting new attack vector" where bad actors forgo direct attacks against websites in favor of targeting third-party services the site is using. "Rather than go against a target directly, bad actors are looking at what other services that website is using," Kun explains. "A simple one is DNS. If

It's been a year of major security vulnerabilities. Last week we worked to mitigate the Poodle vulnerability. Two weeks before that was Shellshock and in April we had Heartbleed. All have shaken the security industry to the core, and Akamai staff have spent countless hours working to protect customers against these threats.To get a wider perspective of our actions in the face of such incidents, here's a collection of resources

The Boston Application Security Conference (BASC) was this past weekend, and Patrick Laverty from Akamai InfoSec's CSIRT team gave a talk called "How Hackers View Your Web Site." Patrick recorded the talk and posted it on his YouTube channel. Like everything he does, it's quite good. So I'm sharing it here. Laverty described his talk this way:"As defenders, we have to be right 100% of the time where an attacker

The Poodle attack (CVE-2014-3566) raised many questions from our customers, peers, auditors, and prospects. This post addresses some of the most frequently asked questions, and provides an update on how Akamai is handling its operations during this industry-wide event. For a basic background on Poodle, please read Akamai CSO Andy Ellis's overview blog post, or Akamai Security Researcher Daniel Franke's in-depth analysis.

Attackers are using Universal Plug and Play (UPnP) devices to launch massive DDoS assaults, Akamai's Prolexic Security Engineering & Research Team (PLXsert) warned this morning in an advisory.PLXsert estimates that 4.1 million UPnP devices are potentially vulnerable to exploits used for reflection DDoS attacks. That's about 38 percent of the 11 million devices in use around the world. PLXsert plans to share the list of potentially exploitable devices to

An attack affectionately known as "POODLE" (Padding Oracle On Downgraded Legacy Encryption), should put a stake in the heart of SSL, and move the world forward to TLS. There are two interesting vulnerabilities: POODLE, and the SSL/TLS versioning fallback mechanism. Both of these vulnerabilities are discussed in detail in the initial disclosure. POODLE POODLE is a chosen-plaintext attack similar in effect to BREACH; an adversary who can trigger requests from

We're Social

Akamai secures and delivers digital experiences for the world’s largest companies. Akamai’s intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps, and experiences closer to users than anyone — and attacks and threats far away. Akamai’s portfolio of edge security, web and mobile performance, enterprise access, and video delivery solutions is supported by unmatched customer service, analytics, and 24/7/365 monitoring. To learn why the world’s top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations.